The list of online security breaches is far longer than we would like it to be. Some of the world’s largest breaches and hacks have affected millions of users. You’ve heard of many of the companies: DoorDash (4.9 million), Twitter (330 million), MGM Hotels (10.6 million), and Microsoft (250 million). In fact, you or your company may have fallen victim to hacks or unauthorized access at some point. People affected by stolen data might want to hold someone accountable. But who is truly liable for a company’s data breach? The answer is that it’s complicated.
Consequences of a Data Breach
One of the first consequences that comes to mind is identity theft. You, your company, and your customers could find that stolen data has been used to obtain credit. It can take months or longer to recover from an identity theft incident.
Other problems include loss of reputation. Customers and clients might be reluctant to buy from you, especially online if they fear their data will be unprotected. Hackers that access your company’s computer systems could quickly wreak havoc by disrupting your operations or sending inappropriate emails.
Also, customers that have been caught up in your company’s data breach have filed lawsuits. In fact, plaintiffs have filed class-action lawsuits against companies like Target and Home Depot. The costs of defending the lawsuit come from your company’s coffers, as well as the money you might have to pay in settlements.
But that brings us back to the original question of who is actually liable for the problem?
Potential Liability
Generally, your company might be held accountable in civil courts for the following reasons:
- Negligence. Did your company attempt to protect sensitive data from a data breach? If not, then the company could be considered negligent. It’s well known that computer data can be vulnerable. Your company may also be considered liable if its cybersecurity measures fall below the standards of similar businesses.
- Post-Breach Actions. Did your business take immediate action upon learning of the data breach? It’s important to notify people affected by the problem and attempt to reduce any harm to them. Failing to do so could leave your company open to legal claims and lawsuits.
In today’s increasingly connected world, cybersecurity has become a prime concern of many business owners.
A Company’s Data Breach Needs Immediate Attention from a Legal Professional
If the worst has happened, you need an experienced attorney to protect your rights. Also, you might be signing contracts or other agreements as you prepare your company’s defenses. Never sign on the dotted line before a business lawyer or your corporate counsel has reviewed the document.
Attorney Richard Sierra at the Florida Small Business Center assists clients like you with business and litigation matters. As always, Our Goal Is to Help You Succeed™. For an appointment, you may call us at 1-866-842-5202 or use the contact form on our website. We represent clients throughout the State of Florida, including Coral Springs, Coconut Creek, Boca Raton, Delray Beach, Pompano Beach, Sunrise, Fort Lauderdale, Miami, West Palm Beach, Jupiter, Deerfield Beach, Stuart, Port St. Lucie, Orlando, Naples, Fort Myers, Sarasota, Tampa, and surrounding communities.